- Fully transparent for users.
- Supports many protocols.
- Full OCR indexing: You can find anything that happened in sessions, including commands, programs opened, etc. Without OCR, you would only be able to find who did which sessions, but not the content of the sessions or what admins have been doing.
- Non-agent approach: A very important feature that is able to monitor access to devices which are not computers, such as switches, firewalls, or any device which uses SSH, TELNET, HTTPS. You are able to monitor access to the Internet by web browser, because SCB can work as a HTTP/S proxy.
Chief Technology Officer & Solution Architect at a tech services company with 51-200 employees
I like the support for many protocols, full OCR indexing and non-agent approach.
What is most valuable?
How has it helped my organization?
Our customers use it to provide full privileged-access monitoring for external users/administrators, so they are fully compliant and still have easy access to external user’s activity.
What needs improvement?
VMware PCoIP protocol support: Many customers are switching from normal computers/environment to VDI infrastructure and some of them are switching to VMware Horizon that uses PCoIP protocol, which is not supported right now.
Central management for more SCB boxes: If you have many boxes in a customer infrastructure (right now we have one customer of this kind in POC and they will need eight boxes) with the same configuration/purpose, you have to do everything 8x. I know this feature is on the roadmap, but nobody knows when it will be available.
For how long have I used the solution?
I’ve been using Balabit for six years.
Buyer's Guide
One Identity Safeguard
October 2024
Learn what your peers think about One Identity Safeguard. Get advice and tips from experienced pros sharing their opinions. Updated: October 2024.
814,763 professionals have used our research since 2012.
What do I think about the stability of the solution?
We have not had stability issues.
What do I think about the scalability of the solution?
We have not had scalability issues.
How are customer service and support?
I give technical support a 4.5/5.
Which solution did I use previously and why did I switch?
We did not use any previous solutions.
How was the initial setup?
It was super easy to deploy, not complicated, and did not have the hidden Capex that competitors do!
What's my experience with pricing, setup cost, and licensing?
It’s an easy license model; you can choose virtual or hardware appliances.
Which other solutions did I evaluate?
We evaluated ObserveIT and CyberArk.
What other advice do I have?
Try more functions and use them! It’s a very powerful product; much more complex than all other competitors. But, almost all companies use it on less than 30% of their infrastructure.
Disclosure: My company has a business relationship with this vendor other than being a customer: We are Diamond Partner, but my own experience with Balabit and their SCB predates our company.
Head of Department at a financial services firm with 10,001+ employees
Supports Linux and the scalability is great
Pros and Cons
- "The transparent mode for privileged sessions is a very good solution."
- "On a scale of one to ten, the stability is an eight."
What is most valuable?
One of the most valuable features is that it supports the Linux operating system. Also, the transparent mode for privileged sessions is a very good solution.
What do I think about the stability of the solution?
On a scale of one to ten, the stability is an eight.
What do I think about the scalability of the solution?
The scalability is great.
How are customer service and technical support?
Technical support is great. We use the case platform.
Which solution did I use previously and why did I switch?
We didn't switch from another product. Using this solution has been a great decision in helping with our tasks.
How was the initial setup?
Deployment of the solution took two to three months. Our engineers installed it.
What other advice do I have?
It's a great product for our industry, which is banking.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Buyer's Guide
One Identity Safeguard
October 2024
Learn what your peers think about One Identity Safeguard. Get advice and tips from experienced pros sharing their opinions. Updated: October 2024.
814,763 professionals have used our research since 2012.
Network & Security Engineer at Onetechpro dz
It has the ability to record and retrieve in the full-video format
Pros and Cons
- "Safeguard has the ability to record and retrieve in the full-video format."
- "We have issues using Safeguard to connect to and record from the cloud. Currently, they don't have a mechanism to record this type of connection."
What is our primary use case?
We use Safeguard to manage users when the client wants to record all discussions on an LDAP. The solution is deployed on a VMware ESXI because all our clients don't want a physical appliance. We average about 300 to 500 connections to Safeguard.
What is most valuable?
Safeguard has the ability to record and retrieve in the full-video format.
What needs improvement?
We have issues using Safeguard to record http/https connection in a video formt. Currently, they don't have a mechanism to record this type of connection.
For how long have I used the solution?
We've been working with One Identity Safeguard for about eight months. I work as an integrator for solutions like PAM and One Identity. We make alterations and integrate the solution.
What do I think about the scalability of the solution?
We run One Identity Safeguard on a VM, so we can create as many as we need.
How are customer service and support?
I had an issue about a week ago because we were migrating from an old VM to a new one. I opened a ticket, and they responded, but I didn't get a solution.
Which solution did I use previously and why did I switch?
How was the initial setup?
We set up a VM appliance and configured it then deployed the solution. The typical time for deployment and configuration is about three to five days.
What other advice do I have?
I rate One Identity Safeguard eight out of 10. It's an excellent solution and a perfect fit for our use case.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Networking and Security Engineer at a tech services company with 1-10 employees
Reasonable price, easy to deploy, and useful for session management
Pros and Cons
- "We deployed it into our company for controlling a client's behavior in our data center. It is very useful to control their connections, such as RDP."
- "We can't review or audit HTTP and HTTPS. This functionality should be added so that we can review and audit HTTP and HTTPS."
What is our primary use case?
We use it for controlling the client sessions into our data center.
What is most valuable?
We deployed it into our company for controlling a client's behavior in our data center. It is very useful to control their connections, such as RDP.
What needs improvement?
I requested for an evaluation license, but no one responded to me.
We can't review or audit HTTP and HTTPS. This functionality should be added so that we can review and audit HTTP and HTTPS.
For how long have I used the solution?
I have been using this solution for less than one year.
What do I think about the stability of the solution?
It is stable.
What do I think about the scalability of the solution?
It is scalable. It scales well in our company.
How are customer service and support?
I requested them for an evaluation license, but no one responded to me. They didn't give me an evaluation license.
Which solution did I use previously and why did I switch?
I have some knowledge of Wallix. It is a competitor of One Identity. They have similar functionalities, but I didn't explore it too much.
How was the initial setup?
It was easy. There were no problems. It is easy to navigate through the web interface.
What's my experience with pricing, setup cost, and licensing?
As compared to other products, it is reasonable, but the training sessions are too expensive.
What other advice do I have?
I haven't used other products, but I would highly recommend One Identity SPS.
I would rate it an eight out of 10.
Which deployment model are you using for this solution?
Private Cloud
Disclosure: My company has a business relationship with this vendor other than being a customer: partner
IT Security Consultant at a tech services company with 51-200 employees
Efficient and stable with excellent technical support
Pros and Cons
- "The solution's most valuable features are the efficiency and the quality of the recording."
- "I would like to see an adjustment with more enterprise architecture. You can buy multiple appliances but you can not fully separate different functions, so scaling might be a bit more complicated."
What is our primary use case?
We primarily use the solution for managing and monitoring privileged users, both internal and external.
How has it helped my organization?
Gave much more visibility over who is doing what and more granular control over external support engineers.
What is most valuable?
The solution's most valuable features are the efficiency and the quality of the recording.
What needs improvement?
I would like to see an adjustment with more enterprise architecture. Currently for SPS (SafeGuard for Privileged Sessions) there is only a single appliance option (both virtual and physical). It can be scaled using a load balancer to handle huge amount of sessions (although the device is quite efficient), but it also means you will need to purchase multiple boxes. It would be beneficial to have segregated modules as an option and you could buy and implement them separately. For example: trap module (proxy), audit module (search interface), storage module (store and encrypt recordings), etc.
For how long have I used the solution?
I've been using the solution for over three years with multiple customers and installations.
What do I think about the stability of the solution?
The stability of the solution is good.
What do I think about the scalability of the solution?
If your current architecture is not designed for this, then it can it may be difficult to expand beyond a certain amount. Our current biggest deployment is for thousands of users.
How are customer service and technical support?
Technical support is brilliant. They are very helpful.
Which solution did I use previously and why did I switch?
I was using other solutions in a lab environment for some demos and comparisons, but in real practice, I have not integrated other solutions.
How was the initial setup?
The initial setup is quite straightforward. However, to figure out how to use it, a consultant or an integrator for new users is highly advised.
What about the implementation team?
We're integrators for the solution. We help clients implement it.
Which other solutions did I evaluate?
Yes, I made some comparison on CyberArk, BeyondTrust, SSH and CA.
What other advice do I have?
We use the on-premises deployment model. We're an integrator company for this solution.
In terms of advice, I'd say new users should involve the integrator architecture team from the beginning. From a technical perspective, you need to have discussions with the network team from the beginning.
I'd rate the solution nine out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner and integrator
System Consultant at a tech services company with 1,001-5,000 employees
The initial setup is very easy
Pros and Cons
- "The initial setup is very easy."
- "The customer service and technical support are very good."
- "It needs more marketing."
What is our primary use case?
Privileged management.
How has it helped my organization?
Administrators can administrate the privileged accounts. It is a safer way to monitor the administrators.
What is most valuable?
Its hardware and compliance.
For how long have I used the solution?
More than five years.
What do I think about the stability of the solution?
Stability is very good.
What do I think about the scalability of the solution?
Scalability is very good.
How are customer service and technical support?
The customer service and technical support are very good.
How was the initial setup?
The initial setup is very easy.
Which other solutions did I evaluate?
I compared different solutions, like Oracle.
What other advice do I have?
It is a good solution, but it needs more marketing.
Most important criteria when selecting a vendor:
- The support
- How long the product has been in the market.
Disclosure: My company has a business relationship with this vendor other than being a customer: Quest partner.
PreSales Engineer at a tech vendor with 201-500 employees
It offers four-eye and gateway authentication with a real-time audit capability.
What is most valuable?
Monitoring and controls privileged access to remote server/appliances for RDP/SSH/HTTP/ICA/VNC protocols
Four-eye authentication and gateway authentication with real-time audit capability
Credential storage and user mapping policies
Inband destination selection with DNS resolve/mapping internal resources
Detailed audit search capability into proprietary video stream for all protocols supported with keylog functions
How has it helped my organization?
- Improved security
- Detailed audits for support/maintenance activities done by admin/technician and third-party engineers
- Drastically reduced unauthorized and improper use of systems and servers
What needs improvement?
The only improvement would be to manage more concurrent sessions.
For how long have I used the solution?
I have been using it for four years.
What do I think about the stability of the solution?
I have not encountered any stability issues.
What do I think about the scalability of the solution?
I have encountered scalability issues. The system needs to be properly analysed before putting it into production. Supported protocols have different needs in terms of computing power, and this directly impacts the number of concurrent sessions that can be managed.
How are customer service and technical support?
Customer Service:
absolutely perfect
Technical Support:Technical support is 10/10, absolutely.
Which solution did I use previously and why did I switch?
I did not previously use a different solution.
How was the initial setup?
The initial setup is straightforward, but you need to have a pre-defined plan, know how to implement authentication or the authentication store if used, and also how to do network integration.
What's my experience with pricing, setup cost, and licensing?
I don't know about pricing, but licensing is based on concurrent session through SCB.
Which other solutions did I evaluate?
Before choosing this product, I did not evaluate other options.
Disclosure: My company has a business relationship with this vendor other than being a customer: i'm working as system integrator, for Balabit products in Italy.
IT Security Engineer
Flexible modes can be integrated into the customer infrastructure and it supports multiple security officers.
What is most valuable?
Flexible modes are easily integrated into the customer infrastructure. It's easy to find needed information and the indexer does a good job.
Secure replays: Balabit SCB supports multiple security officers (something like senior and junior officer), who can encrypt upstream, and downstream flows, with different SSL certificates. For example, one officer can see replays, and another officer can only see replays by pressing on a key.
How has it helped my organization?
When I worked in a bank, it greatly facilitated the control admins and reduced the length of investigations.
What needs improvement?
With release 4f4a, I am pleased with the changes. The developers have spent a lot of time optimizing the interface for the convenience of users and it’s functional. Now, I think the best way to improve it will be to optimize the software, because the software begins to consume more resources (physical).
For how long have I used the solution?
I have been using Shell Control Box for more than two years.
What do I think about the stability of the solution?
By the new releases, I see that it uses some more resources, but this time it's not affected anything.
What do I think about the scalability of the solution?
We have not had any scalability issues.
How are customer service and technical support?
I rate technical support 5/5. They are quick and informative.
Which solution did I use previously and why did I switch?
I tested many another products, but there was an issue about productivity, which was critical to our choice.
How was the initial setup?
Initial setup was easy. There was step-by-step preinstalled software, which took two minutes.
What's my experience with pricing, setup cost, and licensing?
I think it's individual by owner and product.
Which other solutions did I evaluate?
What other advice do I have?
Develop product functional and implementation methods.
Disclosure: My company has a business relationship with this vendor other than being a customer: We sell BalaBit products.
Buyer's Guide
Download our free One Identity Safeguard Report and get advice and tips from experienced pros
sharing their opinions.
Updated: October 2024
Popular Comparisons
Cisco Identity Services Engine (ISE)
CyberArk Privileged Access Manager
IBM Security QRadar
SailPoint Identity Security Cloud
Fortinet FortiAuthenticator
Delinea Secret Server
Securonix Next-Gen SIEM
CyberArk Endpoint Privilege Manager
BeyondTrust Endpoint Privilege Management
WALLIX Bastion
BeyondTrust Privileged Remote Access
ARCON Privileged Access Management
ManageEngine Password Manager Pro
Delinea Privileged Access Service
Buyer's Guide
Download our free One Identity Safeguard Report and get advice and tips from experienced pros
sharing their opinions.
Quick Links
Learn More: Questions:
- Which PAM tool do you prefer: CyberArk Privileged Access Manager, One Identity Safeguard, Delinea Secret Server, or BeyondTrust Privileged Remote A
- Why should one choose One Identity Safeguard and One Identity Active Roles for the banking and insurance industry?
- What is One Identity Safeguard's lower-level architecture scheme?
- When evaluating Privileged Identity Management, what aspect do you think is the most important to look for?
- Which is the best Privileged Account Management solution?
- What are the top 5 PAM solutions that can be implemented which cover both hybrid and cloud?
- What are the top 5 PAM solutions?
- How will AI and ML help or work with PIM/PAM?
- Is BeyondTrust Endpoint Privilege Management really expensive compared to other tools or software?
- What is the difference between PAM and PAS?